Mozilla Foundation Security Advisory 2008-03

Privilege escalation, XSS, Remote Code Execution

Announced

February 7, 2008

Reporter

moz_bug_r_a4, Boris Zbarsky

Impact

Critical

Products

Firefox, SeaMonkey, Thunderbird

Fixed in

Firefox 2.0.0.12

SeaMonkey 1.1.8

Thunderbird 2.0.0.12

Description

Mozilla contributors moz_bug_r_a4 and
Boris Zbarsky submitted a series of vulnerabilities
which allow scripts from page content to escape from its sandboxed
context and/or run with chrome privileges. An additional vulnerability
reported by moz_bug_r_a4 demonstrated that the XMLDocument.load()
function can be used to inject script into another site, violating the
browser's same-origin policy.

Workaround

Disable JavaScript until a version containing these fixes can be installed.